2023 CVE Vulnerabilities
31,212 CVEs published in 2023.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-20572 | MEDIUM | 5.6 | — | Jun 26, 2026 | An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against th... |
| CVE-2023-20540 | LOW | 1.8 | — | Jun 26, 2026 | An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against th... |
| CVE-2023-54365 | HIGH | 8.7 | 0.4% | Jun 23, 2026 | Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inheri... |
| CVE-2023-33854 | MEDIUM | 5.3 | 0.2% | Jun 22, 2026 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow a... |
| CVE-2023-45796 | HIGH | 8.1 | 0.3% | Jun 22, 2026 | A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to an... |
| CVE-2023-45795 | HIGH | 7.8 | 0.1% | Jun 22, 2026 | A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticat... |
| CVE-2023-54357 | HIGH | 8.7 | 0.3% | Jun 19, 2026 | Joomla com_booking component 2.4.9 contains an information disclosure vulnerability that allows unauthenticated attacker... |
| CVE-2023-54353 | HIGH | 8.5 | 0.1% | Jun 19, 2026 | Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attack... |
| CVE-2023-32959 | MEDIUM | 4.3 | 0.2% | Jun 11, 2026 | Missing Authorization vulnerability in Sparkle WP MetroStore metrostore allows Exploiting Incorrectly Configured Access ... |
| CVE-2023-25969 | MEDIUM | 5.4 | 0.2% | Jun 11, 2026 | Missing Authorization vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder allows Exploiting Incorrectl... |
| CVE-2023-40200 | MEDIUM | 5.3 | 0.2% | Jun 11, 2026 | Authorization bypass through User-Controlled key vulnerability in Essential Plugin WP Logo Showcase Responsive Slider an... |
| CVE-2023-33999 | HIGH | 7.1 | 0.3% | Jun 11, 2026 | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Lo... |
| CVE-2023-43688 | HIGH | 7.5 | 0.2% | Jun 9, 2026 | An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). There is a Heap buffer overflow i... |
| CVE-2023-43686 | MEDIUM | 6.2 | 0.1% | Jun 9, 2026 | An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). A large number of Firefox prefere... |
| CVE-2023-29146 | HIGH | 8.2 | 0.1% | Jun 9, 2026 | The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes trunca... |
| CVE-2023-54352 | CRITICAL | 9.3 | 0.6% | Jun 8, 2026 | WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbit... |
| CVE-2023-54351 | MEDIUM | 5.1 | 0.2% | Jun 8, 2026 | WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attac... |
| CVE-2023-54350 | HIGH | 8.7 | 0.5% | Jun 8, 2026 | WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows ... |
| CVE-2023-5502 | HIGH | 8.2 | 0.3% | Jun 4, 2026 | On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing en... |
| CVE-2023-52951 | MEDIUM | 5.9 | 0.1% | Jun 3, 2026 | A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows ... |
| CVE-2023-52945 | HIGH | 7.8 | 0.1% | May 27, 2026 | Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13... |
| CVE-2023-7346 | MEDIUM | 4.1 | 0.1% | May 20, 2026 | Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause i... |
| CVE-2023-7345 | MEDIUM | 6.9 | 0.3% | May 19, 2026 | Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability th... |
| CVE-2023-24215 | CRITICAL | 9.1 | 0.3% | May 18, 2026 | Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers... |
| CVE-2023-31317 | HIGH | 8.8 | 0.1% | May 15, 2026 | Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer (ASP) could allow an... |
Check if your code is affected by 2023 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now